Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
oracle linux 8 vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2022-25236
xmlparse.c in Expat (aka libexpat) prior to 2.4.5 allows malicious users to insert namespace-separator characters into namespace URIs.
Libexpat Project Libexpat
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Oracle Http Server 12.2.1.3.0
Oracle Http Server 12.2.1.4.0
Oracle Zfs Storage Appliance Kit 8.8
Siemens Sinema Remote Connect Server
668
VMScore
CVE-2021-3517
There is a flaw in the xml entity encoding functionality of libxml2 in versions prior to 2.9.11. An attacker who is able to supply a crafted file to be processed by an application linked with the affected functionality of libxml2 could trigger an out-of-bounds read. The most like...
Xmlsoft Libxml2
Redhat Jboss Core Services -
Redhat Enterprise Linux 8.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Debian Debian Linux 9.0
Netapp Snapmanager -
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Netapp Ontap Select Deploy Administration Utility -
Netapp Clustered Data Ontap -
Netapp E-series Santricity Storage Manager -
Netapp Clustered Data Ontap Antivirus Connector -
Netapp Snapdrive -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp Santricity Unified Manager -
Netapp Manageability Software Development Kit -
Netapp E-series Santricity Web Services -
Netapp E-series Santricity Os Controller
Netapp Hci H410c Firmware -
668
VMScore
CVE-2021-29921
In Python prior to 3,9,5, the ipaddress library mishandles leading zero characters in the octets of an IP address string. This (in some situations) allows malicious users to bypass access control that is based on IP addresses.
Python Python
Oracle Zfs Storage Appliance Kit 8.8
Oracle Graalvm 20.3.2
Oracle Graalvm 21.1.0
Oracle Communications Cloud Native Core Automated Test Suite 1.8.0
Oracle Communications Cloud Native Core Network Slice Selection Function 1.8.0
Oracle Communications Cloud Native Core Binding Support Function 1.11.0
1 Github repository
668
VMScore
CVE-2020-27619
In Python 3 up to and including 3.9.0, the Lib/test/multibytecodec_support.py CJK codec tests call eval() on content retrieved via HTTP.
Python Python
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Oracle Communications Cloud Native Core Network Function Cloud Native Environment 22.2.0
668
VMScore
CVE-2020-10683
dom4j prior to 2.0.3 and 2.1.x prior to 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. However, there is popular external documentation from OWASP showing how to enable the safe, non-default behavior in any application that uses dom4j...
Dom4j Project Dom4j
Oracle Insurance Policy Administration J2ee 10.2.0
Oracle Insurance Rules Palette 10.2.0
Oracle Retail Integration Bus 15.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Webcenter Portal 11.1.1.9.0
Oracle Utilities Framework 4.2.0.3.0
Oracle Utilities Framework 4.2.0.2.0
Oracle Utilities Framework 2.2.0.0.0
Oracle Flexcube Core Banking 11.7.0
Oracle Business Process Management Suite 12.2.1.3.0
Oracle Endeca Information Discovery Integrator 3.2.0
Oracle Application Testing Suite 13.3.0.1
Oracle Retail Order Broker 15.0
Oracle Retail Order Broker 16.0
Oracle Retail Integration Bus 16.0
Oracle Retail Customer Management And Segmentation Foundation 16.0
Oracle Retail Customer Management And Segmentation Foundation 17.0
Oracle Retail Customer Management And Segmentation Foundation 18.0
Oracle Enterprise Data Quality 12.2.1.3.0
Oracle Data Integrator 12.2.1.3.0
Oracle Utilities Framework 4.4.0.0.0
668
VMScore
CVE-2019-17267
A Polymorphic Typing issue exists in FasterXML jackson-databind prior to 2.9.10. It is related to net.sf.ehcache.hibernate.EhcacheJtaTransactionManagerLookup.
Fasterxml Jackson-databind
Netapp Steelstore Cloud Integrated Storage -
Netapp Oncommand Workflow Automation -
Netapp Service Level Manager -
Netapp Oncommand Api Services -
Netapp Active Iq Unified Manager
Debian Debian Linux 8.0
Redhat Jboss Enterprise Application Platform 7.2
Redhat Jboss Enterprise Application Platform 7.3
Oracle Weblogic Server 12.2.1.3.0
Oracle Retail Customer Management And Segmentation Foundation 17.0
Oracle Goldengate Application Adapters 19.1.0.0.0
Oracle Customer Management And Segmentation Foundation
668
VMScore
CVE-2019-16942
A Polymorphic Typing issue exists in FasterXML jackson-databind 2.0.0 up to and including 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the commons-dbcp (1.4) jar in the classpath, a...
Fasterxml Jackson-databind
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Redhat Jboss Enterprise Application Platform 7.2.0
Redhat Jboss Enterprise Application Platform 7.3
Netapp Steelstore Cloud Integrated Storage -
Netapp Oncommand Workflow Automation -
Netapp Service Level Manager -
Netapp Oncommand Api Services -
Netapp Active Iq Unified Manager
Oracle Primavera Unifier 16.2
Oracle Banking Platform 2.4.0
Oracle Jd Edwards Enterpriseone Tools 9.2
Oracle Banking Platform 2.4.1
Oracle Banking Platform 2.5.0
Oracle Primavera Unifier 16.1
Oracle Weblogic Server 12.2.1.3.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Database Server 12.2.0.1
2 Github repositories
668
VMScore
CVE-2019-14540
A Polymorphic Typing issue exists in FasterXML jackson-databind prior to 2.9.10. It is related to com.zaxxer.hikari.HikariConfig.
Fasterxml Jackson-databind
Netapp Steelstore Cloud Integrated Storage -
Netapp Oncommand Workflow Automation -
Netapp Oncommand Api Services -
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Redhat Jboss Enterprise Application Platform 7.2
Redhat Jboss Enterprise Application Platform 7.3
Oracle Retail Xstore Point Of Service 15.0
Oracle Primavera Unifier 16.2
Oracle Banking Platform 2.4.0
Oracle Retail Xstore Point Of Service 7.1
Oracle Banking Platform 2.4.1
Oracle Primavera Gateway 16.2
Oracle Primavera Gateway 15.2
Oracle Banking Platform 2.5.0
Oracle Primavera Unifier 16.1
Oracle Weblogic Server 12.2.1.3.0
Oracle Retail Xstore Point Of Service 16.0
2 Github repositories
668
VMScore
CVE-2019-16335
A Polymorphic Typing issue exists in FasterXML jackson-databind prior to 2.9.10. It is related to com.zaxxer.hikari.HikariDataSource. This is a different vulnerability than CVE-2019-14540.
Fasterxml Jackson-databind
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Netapp Steelstore Cloud Integrated Storage -
Netapp Oncommand Workflow Automation -
Netapp Oncommand Api Services -
Redhat Jboss Enterprise Application Platform 7.2
Redhat Jboss Enterprise Application Platform 7.3
Oracle Retail Xstore Point Of Service 15.0
Oracle Banking Platform 2.4.0
Oracle Retail Xstore Point Of Service 7.1
Oracle Banking Platform 2.4.1
Oracle Primavera Gateway 16.1
Oracle Primavera Gateway 16.2
Oracle Primavera Gateway 15.2
Oracle Banking Platform 2.5.0
Oracle Weblogic Server 12.2.1.3.0
Oracle Retail Xstore Point Of Service 16.0
Oracle Banking Platform 2.6.0
1 Github repository
668
VMScore
CVE-2019-14379
SubTypeValidator.java in FasterXML jackson-databind prior to 2.9.9.2 mishandles default typing when ehcache is used (because of net.sf.ehcache.transaction.manager.DefaultTransactionManagerLookup), leading to remote code execution.
Fasterxml Jackson-databind
Debian Debian Linux 8.0
Netapp Snapcenter -
Netapp Oncommand Workflow Automation -
Netapp Service Level Manager -
Netapp Active Iq Unified Manager
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Redhat Jboss Enterprise Application Platform 7.2
Redhat Jboss Enterprise Application Platform 7.3
Redhat Openshift Container Platform 4.1
Redhat Single Sign-on 7.3
Redhat Openshift Container Platform 3.11
Oracle Retail Xstore Point Of Service 15.0
Oracle Primavera Unifier 16.2
Oracle Banking Platform 2.4.0
Oracle Retail Xstore Point Of Service 7.1
Oracle Jd Edwards Enterpriseone Tools 9.2
Oracle Banking Platform 2.4.1
Oracle Primavera Gateway 16.2
Oracle Primavera Gateway 15.2
1 Github repository
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »